CN117692144B - Privacy protection method and system for multi-party private set operation under threshold condition - Google Patents
Privacy protection method and system for multi-party private set operation under threshold condition Download PDFInfo
- Publication number
- CN117692144B CN117692144B CN202410155004.0A CN202410155004A CN117692144B CN 117692144 B CN117692144 B CN 117692144B CN 202410155004 A CN202410155004 A CN 202410155004A CN 117692144 B CN117692144 B CN 117692144B
- Authority
- CN
- China
- Prior art keywords
- arithmetic
- threshold condition
- share
- result
- private
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000012360 testing method Methods 0.000 claims abstract description 13
- 238000009825 accumulation Methods 0.000 claims description 8
- 238000010276 construction Methods 0.000 claims description 5
- 239000004744 fabric Substances 0.000 claims description 4
- 238000004364 calculation method Methods 0.000 abstract description 17
- 230000006870 function Effects 0.000 description 8
- 238000006243 chemical reaction Methods 0.000 description 6
- 238000013507 mapping Methods 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 3
- 230000000739 chaotic effect Effects 0.000 description 3
- 241000544061 Cuculus canorus Species 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 241000499489 Castor canadensis Species 0.000 description 1
- 235000011779 Menyanthes trifoliata Nutrition 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a privacy protection method and a privacy protection system for multi-party private set operation under a threshold condition, which relate to the technical field of privacy protection and comprise the following steps: acquiring arithmetic share of secret values of private sets of all parties under arithmetic share, performing a cueing hash operation on elements in an element space, sequentially determining positions of cueing hash buckets corresponding to the elements according to element sequences, and calling a multiplication protocol according to the corresponding arithmetic share to obtain arithmetic secret shares; and calling a zero-value test protocol by taking the arithmetic secret share as input to obtain an arithmetic share output result, accumulating the arithmetic share output result, and comparing the accumulated result with a threshold condition to obtain an element set, an element set size and a statistical result of related data in the element set, wherein the element set, the element set size and the statistical result satisfy the threshold condition. And on the basis of not revealing any privacy information of the participants except the result, the collection operation and the statistical calculation of related data under the multiparty scene are completed.
Description
Technical Field
The invention relates to the technical field of privacy protection, in particular to a privacy protection method and a privacy protection system for multi-party private set operation under a threshold condition.
Background
In the big data age, information interaction is frequent, different participators master private data of the participators respectively, the participators want to use the private data to jointly perform some function calculation tasks, and meanwhile, other participators do not want to acquire sensitive information of the participators.
Data is typically involved in communication between entities in sets, and in life, in the task context of multiple participants, the intersection, union of data, and related statistical calculations of data (such as the cardinality of the final set, the sum of element-related data, etc.) are of interest to them.
In the intersection computing case of the collection, the participants can only know the data common to all individuals; in the case of a union calculation of the set, the participants can only know the data common to all individuals, and no additional information is revealed beyond these data.
In combination with the threshold idea, the participants can obtain the aggregate information, i.e. the data common to some individuals, which meets the threshold condition. For example, in a voting system scenario of a social event, each voter independently grasps its voting information, and when their voting is completed, hopes to obtain a final voting result exceeding a certain voting proportion, and performs a relevant statistical calculation based on the voting information; meanwhile, any participant does not want his or her own voting information to be known to others for the protection of each participant's voting information.
Disclosure of Invention
In order to solve the problems, the invention provides a privacy protection method and a privacy protection system for multi-party private collection operation under a threshold condition, and the collection operation and the statistics calculation of related data under a multi-party scene are completed on the basis of not revealing any privacy information of the participants except the result.
In order to achieve the above purpose, the present invention adopts the following technical scheme:
in a first aspect, the present invention provides a privacy protection method for multi-party private set operation under a threshold condition, applied to at least two cloud servers, including:
receiving operation requirements, and determining element space and threshold conditions of a private collection of a participant;
Acquiring arithmetic share of secret values of private sets of all parties under arithmetic share, performing a cueing hash operation on elements in an element space, sequentially determining positions of cueing hash buckets corresponding to the elements according to element sequences, and calling a multiplication protocol according to the corresponding arithmetic share to obtain arithmetic secret shares;
and calling a zero-value test protocol by taking the arithmetic secret share as input to obtain an arithmetic share output result, accumulating the arithmetic share output result, and comparing the accumulated result with a threshold condition to obtain an element set, an element set size and a statistical result of related data in the element set, wherein the element set, the element set size and the statistical result satisfy the threshold condition.
As an alternative embodiment, the arithmetic share of the secret value of each private set of participants under the arithmetic share is:
For the ith participant Private collections/>Performing simple hash operation to obtain a simple hash bucket/>,/>Is an element in a simple hash bucket; polynomial construction of jth simple hash bucketCoefficients of polynomial to construct simple hash bucketArithmetic share is arithmetic share/>And/>Respectively sending the data to two cloud servers, wherein d is the size of a simple hash bucket; /(I)Is a hash function; y is an argument of a polynomial function, namely an element in a simple hash bucket corresponding to each participant; /(I)Is an exponential form of an argument; p is the exponent of the argument; /(I)Is a constant term corresponding to the argument index.
As an alternative embodiment, the secret share is calculated as arithmeticAnd/>For input, a zero value test protocol is called to obtain an arithmetic share output result/>And/>And accumulating the obtained products to obtain an accumulated result/>And/>N is the number of participants.
As an alternative embodiment, the set of elements that meet the threshold condition is: when the threshold condition t is set to 1, the private set union is output, when the threshold condition t is set to n, the private set intersection is output, and when the threshold condition t is other value, the private set information satisfying the threshold condition is output,/>Representing the order of elements in element space if the ith party/>If there is an element x, the element index is set to 0, and n is the number of participants.
As an alternative embodiment, the element set size is: output result after comparisonAdding to obtain element adding result/>And/>And reconstructing the element accumulation result to obtain the element set size meeting the threshold condition, wherein C is the element space.
As an alternative implementation manner, the statistical result of the related association data in the element set is:
Hash the cloth valley barrel The set of medium element association data is denoted/>Will beArithmetic share is arithmetic share/>And/>;
The first cloud server receivesTo/>For input, a share multiplication protocol is called to obtain output/>;
Second cloud server receptionTo/>For input, a share multiplication protocol is called to obtain output/>;/>Outputting a result after comparison;
first cloud server computing sum value Second cloud server computing sum valueThus, the sum of the two sum values is the sum value of the related associated data in the element set satisfying the threshold condition.
In a second aspect, the present invention provides a privacy protection system for multi-party private set operation under threshold conditions, comprising: the cloud server comprises a participant, a receiver and at least two cloud servers; the cloud server receives the operation requirement, determines the element space and the threshold condition of the private set of the party, and then sends the element set, the element set size and the statistical result of related associated data in the element set meeting the threshold condition to the receiver;
The cloud server is configured to:
Acquiring arithmetic share of secret values of private sets of all parties under arithmetic share, performing a cueing hash operation on elements in an element space, sequentially determining positions of cueing hash buckets corresponding to the elements according to element sequences, and calling a multiplication protocol according to the corresponding arithmetic share to obtain arithmetic secret shares;
and calling a zero-value test protocol by taking the arithmetic secret share as input to obtain an arithmetic share output result, accumulating the arithmetic share output result, and comparing the accumulated result with a threshold condition to obtain an element set, an element set size and a statistical result of related data in the element set, wherein the element set, the element set size and the statistical result satisfy the threshold condition.
As an alternative embodiment, the set of elements that meet the threshold condition is: when the threshold condition t is set to 1, the private set union is output, when the threshold condition t is set to n, the private set intersection is output, and when the threshold condition t is other value, the private set information satisfying the threshold condition is output,/>Representing the order of elements in element space if the ith party/>If there is an element x, the element index is set to 0, and n is the number of participants.
As an alternative embodiment, the element set size is: output result after comparisonAdding to obtain element adding result/>And/>And reconstructing the element accumulation result to obtain the element set size meeting the threshold condition, wherein C is the element space.
As an alternative implementation manner, the statistical result of the related association data in the element set is:
Hash the cloth valley barrel The set of medium element association data is denoted/>Will beArithmetic share is arithmetic share/>And/>;
The first cloud server receivesTo/>For input, a share multiplication protocol is called to obtain output/>;
Second cloud server receptionTo/>For input, a share multiplication protocol is called to obtain output/>;/>Outputting a result after comparison;
first cloud server computing sum value Second cloud server computing sum valueThus, the sum of the two sum values is the sum value of the related associated data in the element set satisfying the threshold condition.
Compared with the prior art, the invention has the beneficial effects that:
The invention provides a safe calculation method combining the operation of a multiparty private set with a threshold value and related statistical data, which reduces the calculation and storage resources of a participant entity by carrying out auxiliary calculation by means of two non-collusion cloud servers, and leads n to be The individual participants calculate by using own private data to obtain collection information meeting the condition exceeding a threshold value and statistical calculation results of the collection related data, wherein the collection information comprises the sum of the collection size and the collection related data, and any private information of the participants except the results cannot be revealed, so that collection operation and statistical calculation of the related data under a multiparty scene are completed.
Additional aspects of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention.
Fig. 1 is a schematic flow chart of a privacy protection method of multi-party private set operation under the threshold condition provided in embodiment 1 of the present invention;
fig. 2 is a schematic architecture diagram of a participant, a receiver and a cloud server according to embodiment 1 of the present invention.
Detailed Description
The invention is further described below with reference to the drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the present invention. As used herein, unless the context clearly indicates otherwise, the singular forms also are intended to include the plural forms, and furthermore, it is to be understood that the terms "comprises" and "comprising" and any variations thereof are intended to cover non-exclusive inclusions, e.g., processes, methods, systems, products or devices that comprise a series of steps or units, are not necessarily limited to those steps or units that are expressly listed, but may include other steps or units that are not expressly listed or inherent to such processes, methods, products or devices.
Embodiments of the invention and features of the embodiments may be combined with each other without conflict.
Description of the terms
(1) A cuckoo hash (cuckoo hash); is a common optimization technology in the research of privacy set operation, and can utilize k hash functionsMapping m elements to/>In a single hash bucket, there is at most one element allowed in each hash bucket. The mapping rules are as follows: first will/>Initializing hash buckets and recording as. For the collection element x, k hash values/>, are calculated and foundCorresponding cuum hash bucketIf/>If the empty hash bucket exists, randomly inserting the element x into the empty hash bucket; if/>With elements in it, randomly select a bucketAnd taking out the element y in the barrel, inserting the element x, and reinserting the element y which is taken out according to the mapping rule. After a certain number of iterations, the element that is eventually fetched is placed into stash if the mapping process has not yet terminated. The present invention uses 3 different hash functions in the Booth hash process, whenWhen stash is present, the probability is only/>Is negligible.
(2) A simple hash (SIMPLE HASHING); is usually used together with the valley hash to improve the calculation efficiency. Simple hash utilizationIndividual hash functions/>M elements can be mapped to/>Within a simple hash bucket, unlike a valley hash, multiple elements are allowed to exist in each simple hash bucket. The mapping rules are as follows: first will/>The hash buckets are initialized and denoted/>(/>). For the collection element x, k hash values/>, are calculated and foundCorresponding simple hash bucket/>Element x is inserted into all corresponding buckets until all element mappings end. Like the cuisine hash, the simple hash scheme in the present invention also uses/>A hash function.
(3) Yao Shi chaotic circuit protocols; the encryption is carried out on the basis of the Boolean circuit, the protocol process is decrypted layer by layer in a manner of the confusing transmission, and the correct result can be calculated safely under the condition that the two parties do not know the privacy input of the other party. The protocol does not leak additional information beyond the final output of the circuit.
(4) A secret sharing scheme; typically comprising two parties P 0 and P 1, each holding an arithmetic share of the secret value xAnd/>No one party can obtain additional information about the secret value x, which can only be recovered by interactively using the other party's shares. Sharing operation: the secret value x is shared to both parties in the form of shares. And (3) reconstruction operation: both parties recover the secret value x by using the shares together.
Three secret sharing modes are used in the invention, including arithmetic sharing (ARITHMETIC SHARING), boolean sharing (Boolean sharing) and Yao Shi chaotic circuit sharing (Yao sharing), and the expression modes are as follows:
and (3) arithmetic sharing: secret value The arithmetic share of (1) is expressed as/>And/>Satisfies the following conditions。
Boolean sharing: secret valueThe Boolean share of (1) is denoted/>And/>Satisfies the following conditions。
Yao Shi chaotic circuit sharing: secret valueThe share of Yao Shi is denoted/>And/>,/>,/>. Wherein/>,/>。
(5) Share multiplication protocol; the parties P 0 and P 1 hold arithmetic shares under secret sharing of the respective secret values x and y, respectivelyAnd/>. If both parties want secure computation/>Is obtained by executing the protocolArithmetic secret share/>And/>Then, the secret value z can be recovered through the reconstruction operation. The share multiplication protocol can be implemented by using common state encryption, beaver multiplication triplets and other known techniques.
(6) A2B conversion protocol; participants P 0 and P 1 can share the arithmetic held by eachAnd/>Converting the share into Boolean share/>, by means of A2B conversion protocolAnd/>。
(7) A2Y conversion protocol; participants P 0 and P 1 can share the arithmetic held by eachAnd/>Converting the input into the shared share/>, which is Yao Shi to confuse the input of the circuit, by means of an A2Y conversion protocolAnd/>。
(8) Y2A conversion protocol; participants P 0 and P 1 can share the Yao Shi shares held by eachAnd/>Converting the share into arithmetic share/>, by means of a Y2A conversion protocolAnd/>。
(9) Arithmetic sharing equivalent test protocol; participants P 0 and P 1 can test whether the respective private inputs x and y are identical by running the protocol. If x=y, the protocol will eventually output c=1, otherwise c=0. After the protocol is finished, P 0 and P 1 respectively output the arithmetic share of cAnd/>Satisfy/>In addition to this, no other additional information is revealed.
(10) Zero value test protocol; through the zero-value test protocol, the parties P 0 and P 1 can determine the share of the arithmetic in the handAnd/>Whether the reconstructed value of (c) is 0. Such as/>Then both sides will get an arithmetic share output/>, of 1,Otherwise, an arithmetic share output of 0 is obtained.
(11) Comparing the protocols; by comparing the protocols, the parties P 0 and P 1 can determine the magnitudes of the secret value x and the public value R, output an arithmetic share of 0 if R > x, otherwise output an arithmetic share of 1.
Example 1
The embodiment provides a privacy protection method for multi-party private set operation under a threshold condition, wherein related flows are shown in fig. 1, and an architecture diagram of a participant, a receiver and a cloud server is shown in fig. 2.
In the present embodiment, a functional description of the protocol;
For the participators Respectively grasp respective private data sets,/>Is the mth data in the ith participant private data set. The protocol works by introducing two non-collusion auxiliary computing cloud servers/>And/>And the complex calculation and storage tasks are delegated to the cloud, so that the workload of the client is reduced. In actually scheduling deployment, it is recommended to choose to use the servers of two different cloud service platforms for auxiliary computation.
The protocol can safely calculate the sum of the multi-party set operation and the set size combined with the threshold t and the related statistical data, and any party (including the client P outside the data input party) can obtain the final calculation result. The protocol calculation and interaction process is carried out on a finite field F p (p is a large prime number), and the collection cannot be revealedAnd any information beyond the final result.
The formalized description of the protocol is as follows:
Parameters: element space C, threshold t; the element space C refers to the element space (i.e., all possible elements) of the entire input field of the set of participants.
Input of participantsInput of (1) is/>; Receiver/>Possessing additional input/>;/>No input; if the participant who wants to calculate the association data and the value uploads the association data of all the elements of the input domain to the cloud, therefore |c| number of the association data is required, and the association data of the elements which are not in the participant set is set to 0.
And (3) outputting: No output is generated;
And (3) outputting:
① A set of elements that satisfy a threshold condition;
When t=1, the receiving party Output set union/>。
When 1< t < n, the receiverOutput of aggregate elements meeting threshold conditions/>。
The method comprises the following steps: searching according to the element space sequence (1, 2.), if an element X exists in the party set X i, setting the index of the element X to 0, namely, the calculated result is equal to 1, accumulating the element X (the 0 th power of any X is equal to 1), and if the accumulated value of the element is greater than or equal to t, outputting the element X; representing that the protocol is performed in element order of the element space, if a certain party/> If the element x exists, setting the element index to 0; /(I)When the agreement is performed according to the element sequence of the element space, the elements x corresponding to all the participants are calculated and added, and if the elements in all the participant sets meet the threshold condition, the elements x are output.
For example, first look at element 1, if the participant has the element, the index of 1 is set to 0, and then the results of all the participant elements 1 are accumulated and compared with the threshold t.
When t=n, the receiving sideOutput set intersection/>。
② Element set size meeting threshold condition。
③ Element set and value satisfying threshold condition。
The specific construction method of the protocol comprises the following steps.
(1) Calculating an element set meeting a threshold condition;
(1-1) ith participant For its private collections/>Performing simple hash operation to obtain a simple hash bucketThe elemental form in a simple hash bucket is denoted/>Wherein/>D is the size of a simple hash bucket,/>As a hash function,/>Is the number of hash buckets.
(1-2) Cloud serverAnd/>Performing a cuum hash operation on the elements in the element space C to obtain a cuum hash bucket。
(1-3) ForParticipant/>Polynomial construction is performed on the j-th simple hash bucket, wherein the polynomial is thatWherein y is an argument of a polynomial function, namely an element in a simple hash bucket corresponding to each participant; /(I)Is an exponential form of an argument; p is the exponent of the argument, d elements in the simple hash bucket, and the p value is 0~d; /(I)The constant term under the corresponding independent variable index has d+1 constant terms, and the value range is 0~d; forming all elements in the simple hash bucket into a polynomial form, and if the polynomial result is 0, determining that the elements belong to the set; the coefficients/>, of the polynomial of the simple hash bucket construction are then chosenArithmetic share is arithmetic share/>And/>And respectively send to two cloud servers/>。
(1-4) ForAccording to the element order in the element space,/>And/>Finding the position of a cuum hash bucket corresponding to each element, then calling a share multiplication protocol for multiple times, and calculating arithmetic secret share/>And。
(1-5) For,/>And/>Will/>And/>As input, the zero value test protocol is called for multiple times to obtain an arithmetic share output result/>And/>And accumulate the results to obtain accumulated results/>And/>。
(1-6) For,/>And/>Will/>、/>And a threshold t is used as input, a comparison protocol is called, and an output result/> isobtained。
(1-7)And/>Will/>Send to receiver/>,/>Accumulating the output results to obtain element sets/>, which meet the threshold condition。
After the comparison protocol is called, the output value is 0 or 1,1 indicates that the threshold condition is met, and 0 indicates that the threshold condition is not met; when t is set to 1, the output result is a private set union; when t is set to n, the output result is a private set intersection; when t is other value, the output result is private collection information meeting the threshold condition. Because the protocol is performed according to the element space sequence, after the receiver takes the share output to reconstruct, the receiver can clearly know which elements meet the threshold condition.
(2) Calculating element set sizes meeting threshold conditions。
Steps (2-1) - (2-6) are the same as in step (1).
(2-7) For,/>And/>Will/>The element accumulation result/>, is obtained by calculation after accumulationAnd/>And sends it to the receiver/>,/>Reconstructing the element accumulation result to obtain/>Namely, the element set size/>, which meets the threshold condition。
(3) Sum value of element set associated data satisfying threshold condition。
Steps (3-1) - (3-6) are the same as in step (1).
(3-7) Use ofRepresentation/>A set of medium element association data; /(I)Will/>Arithmetic share is arithmetic share/>And/>Transmission/>Give/>Transmission/>Give/>。
(3-8) For,/>To/>For input,/>To/>For input, both parties call a share multiplication protocol,/>Obtain output/>,/>Obtain output/>。
(3-9)Calculate the sum/>,/>Calculate the sum/>And send to the receiver/>,/>Calculation/>I.e. the sum of the element set association data satisfying the threshold condition.
It should be noted that, all data are obtained based on compliance with laws and regulations and user consent, and the data are legally applied.
Example 2
The embodiment provides a privacy protection system for multi-party private set operation under a threshold condition, which comprises: a participant, a receiver and at least a cloud server; the cloud server receives the operation requirement, determines the element space and the threshold condition of the private set of the party, and then sends the element set, the element set size and the statistical result of related associated data in the element set meeting the threshold condition to the receiver;
The cloud server is configured to:
Acquiring arithmetic share of secret values of private sets of all parties under arithmetic share, performing a cueing hash operation on elements in an element space, sequentially determining positions of cueing hash buckets corresponding to the elements according to element sequences, and calling a multiplication protocol according to the corresponding arithmetic share to obtain arithmetic secret shares;
and calling a zero-value test protocol by taking the arithmetic secret share as input to obtain an arithmetic share output result, accumulating the arithmetic share output result, and comparing the accumulated result with a threshold condition to obtain an element set, an element set size and a statistical result of related data in the element set, wherein the element set, the element set size and the statistical result satisfy the threshold condition.
In the present embodiment, the element set satisfying the threshold condition is: when the threshold condition t is set to 1, the private set union is output, when the threshold condition t is set to n, the private set intersection is output, and when the threshold condition t is other value, the private set information satisfying the threshold condition is output,/>Representing the order of elements in element space if the ith party/>If there is an element x, the element index is set to 0, and n is the number of participants.
In this embodiment, the element set size is: output result after comparisonAdding to obtain element adding result/>And/>And reconstructing the element accumulation result to obtain the element set size meeting the threshold condition, wherein C is the element space.
In this embodiment, the statistical result of the related data in the element set is:
Hash the cloth valley barrel The set of medium element association data is denoted/>Will beArithmetic share is arithmetic share/>And/>;
The first cloud server receivesTo/>For input, a share multiplication protocol is called to obtain output/>;
Second cloud server receptionTo/>For input, a share multiplication protocol is called to obtain output/>;/>Outputting a result after comparison;
first cloud server computing sum value Second cloud server computing sum valueThus, the sum of the two sum values is the sum value of the related associated data in the element set satisfying the threshold condition.
It should be noted that the above modules correspond to the steps described in embodiment 1, and the above modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to those disclosed in embodiment 1. It should be noted that the modules described above may be implemented as part of a system in a computer system, such as a set of computer-executable instructions.
In further embodiments, there is also provided:
An electronic device comprising a memory and a processor and computer instructions stored on the memory and running on the processor, which when executed by the processor, perform the method described in embodiment 1. For brevity, the description is omitted here.
It should be understood that in this embodiment, the processor may be a central processing unit CPU, and the processor may also be other general purpose processors, digital signal processors DSP, application specific integrated circuits ASIC, off-the-shelf programmable gate array FPGA or other programmable logic device, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may include read only memory and random access memory and provide instructions and data to the processor, and a portion of the memory may also include non-volatile random access memory. For example, the memory may also store information of the device type.
A computer readable storage medium storing computer instructions which, when executed by a processor, perform the method described in embodiment 1.
The method in embodiment 1 may be directly embodied as a hardware processor executing or executed with a combination of hardware and software modules in the processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method. To avoid repetition, a detailed description is not provided herein.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
While the foregoing description of the embodiments of the present invention has been presented in conjunction with the drawings, it should be understood that it is not intended to limit the scope of the invention, but rather, it is intended to cover all modifications or variations within the scope of the invention as defined by the claims of the present invention.
Claims (3)
1. The privacy protection method for the multi-party private collection operation under the threshold condition is characterized by being applied to at least two cloud servers and comprising the following steps of:
receiving operation requirements, and determining element space and threshold conditions of a private collection of a participant;
Acquiring arithmetic share of secret values of private sets of all parties under arithmetic share, performing a cueing hash operation on elements in an element space, sequentially determining positions of cueing hash buckets corresponding to the elements according to element sequences, and calling a multiplication protocol according to the corresponding arithmetic share to obtain arithmetic secret shares;
Taking the arithmetic secret share as input, calling a zero-value test protocol to obtain an arithmetic share output result, accumulating the arithmetic share output result, and comparing the accumulated result with a threshold condition to obtain an element set, an element set size and a statistical result of related data in the element set, wherein the element set, the element set size and the statistical result of related data in the element set meet the threshold condition;
The arithmetic share of the secret value of each private set of the participants under the arithmetic share is as follows:
For the ith participant Private collections/>Performing simple hash operation to obtain a simple hash bucket/>,Is an element in a simple hash bucket; polynomial construction of jth simple hash bucketCoefficients of polynomial to construct simple hash bucketArithmetic share is arithmetic share/>And/>Respectively sending the data to two cloud servers, wherein d is the size of a simple hash bucket; /(I)Is a hash function; y is an argument of a polynomial function, namely an element in a simple hash bucket corresponding to each participant; /(I)Is an exponential form of an argument; p is the exponent of the argument; /(I)Is a constant term corresponding to the argument index;
Said arithmetically secret shares And/>For input, a zero value test protocol is called to obtain an arithmetic share output result/>And/>And accumulate them to obtain accumulation resultAnd/>N is the number of the participants;
The element set meeting the threshold condition is as follows: when the threshold condition t is set to 1, the private set union is output, when the threshold condition t is set to n, the private set intersection is output, and when the threshold condition t is other value, the private set information satisfying the threshold condition is output ,/>Representing the order of elements in element space if the ith party/>If the element x exists, setting the element index to 0, wherein n is the number of the participants;
The element set size is: output result after comparison Adding to obtain element adding result/>And/>Reconstructing the element accumulation result to obtain the element set size meeting the threshold condition, wherein C is an element space;
the statistical result of the related associated data in the element set is as follows:
Hash the cloth valley barrel The set of medium element association data is denoted/>Will/>Arithmetic share is arithmetic share/>And/>;
The first cloud server receivesTo/>For input, a share multiplication protocol is called to obtain output/>;
Second cloud server receptionTo/>For input, a share multiplication protocol is called to obtain output/>;/>Outputting a result after comparison;
first cloud server computing sum value Second cloud server computing sum valueThus, the sum of the two sum values is the sum value of the related associated data in the element set satisfying the threshold condition.
2. A privacy protection system for multi-party private set operation under a threshold condition, wherein the privacy protection method for implementing multi-party private set operation under a threshold condition as claimed in claim 1 specifically comprises: the cloud server comprises a participant, a receiver and at least two cloud servers; the cloud server receives the operation requirement, determines the element space and the threshold condition of the private set of the party, and then sends the element set, the element set size and the statistical result of related associated data in the element set meeting the threshold condition to the receiver;
The cloud server is configured to:
Acquiring arithmetic share of secret values of private sets of all parties under arithmetic share, performing a cueing hash operation on elements in an element space, sequentially determining positions of cueing hash buckets corresponding to the elements according to element sequences, and calling a multiplication protocol according to the corresponding arithmetic share to obtain arithmetic secret shares;
and calling a zero-value test protocol by taking the arithmetic secret share as input to obtain an arithmetic share output result, accumulating the arithmetic share output result, and comparing the accumulated result with a threshold condition to obtain an element set, an element set size and a statistical result of related data in the element set, wherein the element set, the element set size and the statistical result satisfy the threshold condition.
3. The privacy preserving system of claim 2, wherein the set of elements satisfying the threshold condition is: when the threshold condition t is set to 1, the private set union is output, when the threshold condition t is set to n, the private set intersection is output, and when the threshold condition t is other value, the private set information satisfying the threshold condition is output,/>Representing the order of elements in element space if the ith party/>If there is an element x, the element index is set to 0, and n is the number of participants.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410155004.0A CN117692144B (en) | 2024-02-04 | 2024-02-04 | Privacy protection method and system for multi-party private set operation under threshold condition |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410155004.0A CN117692144B (en) | 2024-02-04 | 2024-02-04 | Privacy protection method and system for multi-party private set operation under threshold condition |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117692144A CN117692144A (en) | 2024-03-12 |
| CN117692144B true CN117692144B (en) | 2024-05-07 |
Family
ID=90135769
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410155004.0A Active CN117692144B (en) | 2024-02-04 | 2024-02-04 | Privacy protection method and system for multi-party private set operation under threshold condition |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117692144B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111934854A (en) * | 2019-05-13 | 2020-11-13 | 腾讯科技(北京)有限公司 | Data determination method and device, storage medium and electronic device |
| CN113438078A (en) * | 2021-08-26 | 2021-09-24 | 山东师范大学 | Privacy protection method and system in multi-client intersection data calculation process |
| CN117411616A (en) * | 2022-07-06 | 2024-01-16 | 河南师范大学 | Multiparty threshold privacy set intersection method |
| CN117478330A (en) * | 2023-11-17 | 2024-01-30 | 泉城省实验室 | Three-party privacy set intersection cardinality solving method based on bilinear mapping and bloom filter |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9158925B2 (en) * | 2013-11-27 | 2015-10-13 | Microsoft Technology Licensing, Llc | Server-aided private set intersection (PSI) with data transfer |
| US11201734B2 (en) * | 2018-06-04 | 2021-12-14 | Robert Bosch Gmbh | Method and system for fault tolerant and secure multiparty computation with SPDZ |
-
2024
- 2024-02-04 CN CN202410155004.0A patent/CN117692144B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111934854A (en) * | 2019-05-13 | 2020-11-13 | 腾讯科技(北京)有限公司 | Data determination method and device, storage medium and electronic device |
| CN113438078A (en) * | 2021-08-26 | 2021-09-24 | 山东师范大学 | Privacy protection method and system in multi-client intersection data calculation process |
| CN117411616A (en) * | 2022-07-06 | 2024-01-16 | 河南师范大学 | Multiparty threshold privacy set intersection method |
| CN117478330A (en) * | 2023-11-17 | 2024-01-30 | 泉城省实验室 | Three-party privacy set intersection cardinality solving method based on bilinear mapping and bloom filter |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117692144A (en) | 2024-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113557512B (en) | Secure multi-party arrival frequency and frequency estimation | |
| CN112906044B (en) | Multi-party security calculation method, device, equipment and storage medium | |
| CN110999209B (en) | Apparatus, method and non-transitory computer readable medium for communication | |
| CN110719159A (en) | Multi-party privacy set intersection method for resisting malicious enemies | |
| WO2020216875A1 (en) | Methods and systems for privacy preserving evaluation of machine learning models | |
| Troncoso-Pastoriza et al. | Secure signal processing in the cloud: enabling technologies for privacy-preserving multimedia cloud processing | |
| CN111008406B (en) | Method and device for performing service processing based on consistency detection of private data | |
| CN114039785B (en) | Data encryption, decryption and processing methods, devices, equipment and storage medium | |
| WO2023240934A1 (en) | Security processing method and apparatus for privacy vector | |
| Choi et al. | Compressed oblivious encoding for homomorphically encrypted search | |
| CN111026359A (en) | Method and device for judging numerical range of private data in multi-party combination manner | |
| Dittmer et al. | Function secret sharing for psi-ca: With applications to private contact tracing | |
| Asharov et al. | Efficient secure three-party sorting with applications to data analysis and heavy hitters | |
| CN113343283B (en) | Data processing method | |
| Rong et al. | Privacy‐Preserving k‐Means Clustering under Multiowner Setting in Distributed Cloud Environments | |
| Yadav et al. | Private computation of the Schulze voting method over the cloud | |
| CN114520721A (en) | Multi-party secure computation privacy intersection method, device, equipment and storage medium | |
| Li et al. | PMDP: A framework for preserving multiparty data privacy in cloud computing | |
| CN112272082B (en) | Image encryption/decryption method and device, electronic equipment and storage medium | |
| CN117692144B (en) | Privacy protection method and system for multi-party private set operation under threshold condition | |
| CN115952526B (en) | Ciphertext ordering method, equipment and storage medium | |
| CN116821961A (en) | Boolean arithmetic sharing conversion method and device for protecting privacy data | |
| CN110807211A (en) | Method, system, readable medium and electronic device for safely acquiring user intersection | |
| CN115174237B (en) | Method and device for detecting malicious traffic of Internet of things system and electronic equipment | |
| CN115134078A (en) | Secret sharing-based statistical method and device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |